option
Cuestiones
ayuda
daypo
CREAR TEST
buscar.php

SECAUTH2

COMENTARIOS ESTADÍSTICAS RÉCORDS
REALIZAR TEST
Título del Test:
SECAUTH2

Descripción:
SECAUTH

Fecha de Creación: 2022/07/29

Categoría: Otros

Número Preguntas: 80

Valoración:(2)
COMPARTE EL TEST
Nuevo ComentarioNuevo Comentario
Comentarios
NO HAY REGISTROS
Temario:

A user is authorized to run SP01. What can this user access with authorization object S_SPO_ACT when the “Value for Authorization Check” field is set to “_USER_”?. All spool requests for a specific user in the client. All spool requests for all specific users in the client. All spool requests for users in the same user group. All unprotected spool requests for all users in the client.

Which of the following programs can be used to enable ALE Audit using the ALEAUD message type in the Customer Distribution Model and Partner Profiles? Note: There are 2 correct answers to this question. RBDAPP01. RBDSTATE. RBDAUD01. RBDMIDOC.

You are asked to set up controls to monitor sensitive objects (such as programs, user exits, and function modules) in a development system before they are transported to the quality assurance system. Which table would you maintain to monitor such sensitive objects before running an import?. TMSBUFFER. TMSMCONF. TMSCDES. TMSTCRI.

What authorization objects do we need to create job steps with external commands in a background job? Note: There are 2 correct answers to this question. S_LOG_COM. S_RZL_ADM. S_BTCH_ADM. S_BTCH_EXT.

While performing an audit of changes to the system and client change options for your production SAP S/4HANA environment, you receive the following message in transaction SCC4. “No logs found for selected period” How can you correct the problem. Maintain parameter rsau/enable with value 1. Maintain parameter log-mode with value normal SAP HANA. Maintain parameter rdisp/TRACE with value 3. Maintain parameter rec/client with value ALL.

Which transaction or report can be used to audit profile assignments in an SU01 user master record? Note: There are 2 correct answers to this question. ST01. SM20N. RSUSR002. RSUSR100.

Which users should exist in client 000? Note: There are 2 correct answers to this question. EARLYWATCH. SAPCPIC. SAP*. TMSADM.

You are evaluating the “Cross-client object change” option using transaction SCC4 for your Unit Test Client in the development environment. Which setting do you recommend?. No changes to repository and cross-client customizing objects. No changes to repository objects. No changes to cross-client customizing objects. Changes to repository and cross-client customizing allowed.

You want to use Configuration Validation functionality in SAP Solution Manager to check the consistency of settings across your SAP environment. What serves as the reference basis for Configuration Validation? Note: These are 2 correct answers to this question. A list of recommended notes from RSECNOTE. A virtual set of manually maintained configuration items. A target system in your system landscape. A result list of configuration items from Solution Finder for SAP EarlyWatch Alert.

Where can you store Security Audit Log Events? Note: There are 2 correct answers to this question. In the file system of the application servers. In the database table RSAU_BUF_DATA. In the Linux system log. In the kernel trace.

You want to carry out some preparatory work for running the SAP Security Optimization Self-service on a customer system. Which of the following steps do you have to run on the managed systems? Note: There are 2 correct answers to this question. Grant operating system access. Configure specific authorizations. Install the ST-A/PI plug-in. Configure Secure Network Communications.

What are the characteristics of the Audit Information System (AIS)? Note: There are 2 correct answers to this question. The report selection variables are configured during setup. It can be launched directly using transaction SECR. The roles are built from nodes in the Implementation Guide (IMG). It offers two types of audit reports: system and business.

Under which group can you find the “System Recommendations” file in the Solution Manager launchpad?. IT Service Management. Technical Administration. Root Cause Analysis. Change Management.

What does the SAP Security Optimization Service provide? Note: There are 2 correct answers to this question. Results containing the list of patches that have to be applied. Analysis of the network configuration. Configuration checks of SAP systems. Analysis of the security vulnerabilities within an SAP landscape.

What does return code 12 mean when performing STAUTHTRACE?. An invalid user name was specified in user. Too many parameters for authorization checks. No authorization and no authorization object in user buffer. No authorization but does have authorization object un user buffer.

Which of the following function can be used to troubleshoot authorization errors for ABAP CDS views with Authorization based on Access Control?. STAUTHTRACE. E2E TRACE ANALYSIS. REPORT RSUSR008_009. ABAP TRACE.

You want to check the custom ABAP codes in your system for security vulnerabilities and you want to use the SAP Code Vulnerability Analyzer to carry out these extended security checks. What need to be done for this purpose? Note: There are 2 correct answers to this question. Run SAP Code Vulnerability Analyzer from the ABAP Test Cockpit. Run the transaction ST12 to start the analysis. Run the extended syntax check from the SLIN transaction. Run SAP Code Vulnerability Analyzer from the transaction ST01.

To which services packages does SAP Security Optimization Services (SOS) belong?. EarlyWatch Reporting. Application Integration Optimization. Performance Optimization. System Administration Optimization.

For which purpose do you user instance Secure Storage File System (SSFS) in an SAP HANA system? Note: there are 2 correct answers to this question. a)       To store root keys for data volume encryption. b)      To protect the password of the root key backup. c)       To store the secure single sign-on configuration. d)      To protect the X.509 public key infrastructure certificates.

Who can revoke a runtime role from a user in the SAP HANA tenant database? Note: There are 2 correct answers to this question. Note: there are 2 correct answers to this question. a)       Anyone with “ROLE ADMIN”. b)      The DBACOCKPIT user. c)       The grating user. d)      The owner of the HDI container.

What connection type is used for restricted users?. a)       JDBC. b)      HTTP/S. c)       ODBC. d)      OLEDB.

To enable access between tenant databases, what do you need to do in an SAP HANA system for multitenant database containers? Note: there are 3 correct answers to this question. a)       The INIFILE ADMIN system privilege must be assigned. b)      The bi-directional communication channel must be in the allow list. c)       The user in the source system must have sufficient privileges in the target database. d)      The cross-tenant database communication must be explicitly activated. e)      The user in the source system must be associated with a user in the target database.

What are characteristics of SAP HANA Deployment Infrastructure (HDI) roles? Note: there are 2 correct answers to this question. a)       They are managed by the native HDI version control. b)      They are granted using database procedures. c)       They are transportable between systems. d)      They are owned by the user who creates them.

Which features do SAP HANA SQL-based analytic privileges offer compared to classic XML-based ones? Note: there are 2 correct answers to this question. a)       Complex flitering. b)      Control of read-only SAP HANA procedures. c)       Transportable. d)      Control of read-only access to SQL views.

How are user group administrators and user groups related in SAP HANA? Note: there are 2 correct answers to this question. a)       Multiple user group administrators per user group. b)      Only one user group per user group administrator. c)       Only one user group administrator per user group. d)      Multiple user groups per user group administrator.

Where does SAP HANA store the values for the default Password Policy parameter? Note: there are 2 correct answers to this question. a)       attributes.ini. b)      indexserver.ini. c)       global.ini. d)      nameservice.ini.

What are some characteristics of an SAP HANA multitenant database system (MDC) running in high insolation mode? Note: there are 2 correct answers to this question. a)       The <sid>adm user can access the tenant-specific configuration and trace files. b)      All tenant-specific file and directory permissions are managed by the SAP HANA system. c)       All tenant-specific permissions to access files and directories are revoked from the <sid>adm user. d)      All tenant databases will share the operating system user and group.

What are characteristic of the SAP_INTERNAL_HANA_SUPPORT catalog role? Note: there are 2 correct answers to this question. a)       It has full access to all metadata. b)      Object privileges can be granted to the role. c)       System privileges can be granted to the role. d)      No role can be granted to it.

What authorization object is checked when a user selects an ABAP Web Dynpro application to run?. a)       S_PROGRAM. b)      S_TCODE. c)       S_START. d)      S_SERVICE.

Which authorizations should you restrict when you create a developer role in an AS ABAP production system? Note: There are 2 correct answers to this question. The ability to run queries through authorization object S_QUERY. The ability to use the ABAP Debugger through the authorization object S_DEVELOP. The ability to run class methods through authorization object S_PROGRAM. The ability to run function modules through authorization object S_DEVELOP.

What can you maintain in transaction SU24 to reduce the overall maintenance in PFCG? Note: There are 3 correct answers to this question. a)       The default values in the tables USOBX and USOBT. b)      The authorization objects that have unacceptable default values. c)       The default values so they are appropriate for the transactions used in the roles. d)      The authorization objects that are not linked to transactions codes correctly. e)      The default authority check settings for the role maintenance tool.

What is the SAP Best Practice to delete a security SAP role from the landscape running SAP systems?. a)       Delete the SAP role using Profile Generator, and then put it in the transport. b)      Delete the SAP role in all clients using Profile Generator. c)       Delete the SAP role in all clients in all systems using Profile Generator. d)      Transport the SAP role and delete the role using Profile Generator.

You have delimited a single role that is part of a composite role, and a user comparison for the composite role has been performed. You notice that the comparation did NOT…. profile assignments for that single role. What program would you run to resolve this situation?. a)       PRGN_COMPARE_ROLE_MENU. b)      PRGN_DELETE_ACTIVITY_GROUPS. c)       PRGN_MERGE_PREVIEW. d)      PRGN_COMPRESS_TIMES.

You want to create a role to provide users the ability to display and change an HR table’s content based on the country groupings. Which of the steps would you take to accomplish these requirements? Note: There are 2 correct answers to this question. a)       Define an organization criterion through transaction SPRO. b)      Create an authorization group with appropriate authorization fields for the table. c)       Maintain the authorization object S_TABU_LIN. d)      Maintain the authorization object S_TABU_NAM.

How do you secure the special user “SAP*” in AS ABAP? Note: There are 3 correct answers to this question. a)       Lock and expire the user in all clients except 000. b)      Remove all authorizations from the user. c)       Set profile parameter login/no_automatic_user_sapstar to 0. d)      Lock and expire the user in all clients. e)      Set profile parameter login/no_automatic_user_sapstar to 1.

You verified the password of the TMSADM user in your SAP landscape to be SAP defaulted. You want to reset this password by using the program TMS_UPDATE_PWD_OF_TMSADM. What steps would you take to reset this password? Note: There are 2 correct answers to this question. a)       Run the program in the Domain Controller (client 000). b)      Execute command TP LOCKSYS <SID> pf=<DOMAIN_CONTROLLER_PROFILE>. c)       Run the program in all systems/clients including 000. d)      Deactivate the SNC option.

How can you protect a table containing sensitive data using the authorization object S_TABU_DIS?. a)       Authorization table groups containing tables with sensitive data must be defined in the TDDAT table and these must be omitted for anyone who does not need access to these tables. b)      The tables containing sensitive data must be associated with table groups in the TBRG table. c)       The DICBERCLS field of the authorization object must enumerate all table names of the tables containing sensitive data. d)      The tables containing sensitive data must be named using the authorizations object S_TABU_NAM for all responsible administration. The DICBERCLS fields of the S_TABU_DIS object can then be field with *.

How would you control access to ABAP RFC function modules? Note: There are 2 correct answers to this question. a)       Implement UCON functionality. b)      Restrict RFC authorizations. c)       Block RFC Callback Whitelists. d)      Deactivate switchable authorization checks.

Which authorization object is required to support trusted system access by an RFC user following the configuration of a Managed System in SAP Solution Manager?. a)       S_RFC_TTAC. b)      S_RFCACL. c)       S_ACL_HIST. d)      S_RFC_TT.

When re-configuring the user management engine (UME) of an AS Java system, what do you need to consider to change the data source from system database to an ABAP successfully?. a)       The ogon security policy for the existing uer is assigned with the logon security policy in the ABAP system. b)      All users and groups in the system database must have different IDs than existing users and groups in the ABAP system. c)       The UME configuration file dataSourceConfiguration_databse_only.xml is automatically updated with an appropriate dataSourceConfiguration_abap.xml file. d)      You need to import users from the system database into the ABAP system.

SAP GRC Access Control provides risk analysis for which of the following? Note: There are 2 correct answers to this question. a)       Business Role Management. b)      Access Request Management. c)       Business Rule Framework. d)      Password Self-Service.

Based on your company guidelines you have set the password expiration to 60 days. Unfortunately, there is an RFC user in your SAP system who must not have a password change for 180 days. Which option would you recommend to accomplish such a request?. a)       Define the RFC user as a reference user. b)      Change the profile parameter login/password_expiration_time to 180. c)       Create a security policy via SECPOL and assign it to the RFC user. d)      Create an enhancement spot or user exit.

For which reasons would you choose an “anonymous SSL Client PSE” setup? Note: There are 2 correct answers to this question. a)       To use as a container for the CAs. b)      To perform mutual authentication. c)       To use data encryption. d)      To perform authentication.

Which tasks would you perform to allow increased security for the SAP Web Dispatcher Web Administration Interface? Note: There are 2 correct answers to this question. a)       Use a separate port for the administration interface. b)      Use access restrictions to the icm/HTTP/auth_<xx> profile parameter. c)       Use subparameter ALLOWPUB = TRUE of the profile parameter icm/server_port_<xx>. d)      Use Secure Socket Layer (SSL) for encrypted access.

You want to configure SNC in a newly-installed AS ABAP based SAP system. Besides running SNCWIZARD, what else do you need to perform for this scenario? Note: There are 2 correct answers to this question. a)       Enable encrypted HTTP service. b)      Set the parameters using sapgenpse. c)       Retsart the SAP system. d)      Manage the PSE.

What is the purpose of the parameter rec/client in an AS ABAP based SAP system?. a)       To log changes in tables. b)      To generate changes in documents. c)       To generate source code versions. d)      To log changes in Core Data Services views.

What are main characteristics of the Logon ticket throughout an SSO logon procedure? Note: There are 2 correct answers to this question. a)       The Logon ticket session is held in the working memory. b)      The Logon ticket is sued for user-to-system communication. c)       The Logon ticket is not domain restricted. d)      The Logon ticket is always set to client 000.

Which measures should we implement to protect the PSEs? Note: There are 2 correct answers to this question. a)       Restrict access to the opposing system users. b)      Encyrpt the files with the transaction SNC0. c)       Review the usage of the S_DATASET object. d)      Review the usage of the S_ADMI_FCD object.

What are the characteristics of HTTP security session management? Note: There are 3 correct answers to this question. a)       Checks the logon credentials again for every request. b)      Deletes security sessions at logoff. c)       Starts security sessions with a short user-based expiration time. d)      Refers to the session context through the session identifier. e)      Creates security sessions at logon.

You are using the SAP Web Dispatcher for load-balancing purposes. Which actions are performed by the SAP Web Dispatcher in this scenario? Note: There are 2 correct answers to this question. a)       Validates the user credentials. b)      Decrypts the HTTPS request and then selects the server. c)       Uses logon groups to determine how to direct requests. d)      Checks the current state of the message server.

You want to allow yout trainee colleagues to use the SAP GUI to connect directly to your SAP S/4HANA (on-premise) demo system form a public internet connection Which of the following SAP solutions is suited for this purpose?. a)       SAP Cloud Connector. b)      SAPProuter. c)       SAP NetWeaver Gateway. d)      SAP Web Dispatcher.

SNC is configured in the production system. For emergency purposes, you want to allow certain accounts to be able to access the system with password logon. What do you need to set up for this purpose? Note: There are 2 correct answers to this question. a)       Use ‘Unsecure communication permitted’ in SU01. b)      Maintain the user access control list in table USRACLEXT. c)       Use the profile parameter snc/accept_insecure_gui with value ‘U’. d)      Use the profile parameter snc/only_encrypted_gui with value ‘0’.

How are assertion tickets used?. a)       They are used for system-to-system encryption. b)      They are used for encrypting Web service communication. c)       They are used for user-to-system trusted login. d)      They are used for system-to-system communication.

You haver created an RFC destination with a registered external RFC server program. When you try to connect to the external RFC destination you receive a “SERVER_NOT_REGISTERED” error message. Note: There are 2 correct answers to this question How can you resolve the issue?. a)       Maintain the access list in the transaction SMMS. b)      Maintain the entries in the REGINFO file. c)       Maintain the entries in the SECINFO file. d)      Maintain the profile parameter gw/acl_mode = 0.

Which features does SAProuter provide? Note: There are 2 correct answers to this question. a)       HTTP conversion into HTTPS connections. b)       Password-protected connections. c)       Load-balanced RFC connections. d)       Filtered and logged network connections.

What are the key capabilities of Enterprise Threat Detection? Note: There are 2 correct answers to this question. a)       Dashboard-based analysis for security risks. b)       Real time capture of abnormal user activities. c)       Predictive threat notification. d)       Blocking user access.

How does the SAP SSO wizard (transaction SNCWIZARD) simplify the SNC configuration process?. a)       It set the profile parameters for SAP SNC in the default profile. b)       It creates the SNC_LIB environment variable in OS user profile. c)       It sets the profile parameter for SAP SNC in the instance profile. d)       It restarts the SAP application server for all profile changes to take effect.

Which communication protocols are supported by the SAP Cloud Connector? Note: There are 2 correct answers to this question. a)       LDAP. b)      NNTP. c)       SNA. d)      RFC.

How can you describe static and dynamic assignments? Note: There are 2 correct answers to this question. a)       Static assignments occur at runtime. b)      Dynamic assignments are based on scope values. c)       Dynamic assignments are based on attribute values. d)      Static assignments are set up via the Cloud Cockpit.

How can you describe the hierarchical relationships between technical entities in the Cloud Foundry?. a)       A global account can have one or many subaccounts. b)      A subscription is a PaaS tenant. c)       A SaaS tenant acts as one provider account. d)      A SaaS tenant acts as one Cloud Foundry Organization.

How are security relevant objects related in the Cloud Foundry? Note: There are 2 correct answers to this question. a)       Role Collections have 0 or many role templates. b)      Role Templates have 0 or many attributes. c)       Role Collections have 0 or many roles. d)      Role Templates have 1 or many scopes.

What is the default authentication mechanism in the SAP Cloud Platform?. a)       Kerberos. b)      SAML. c)       X 509 Certificates. d)      SAP Logon Tickets.

Which type of systems can be found in the Identify Provisioning Service landscape? Note: There are 2 correct answers to this question. a)       Identify Provider. b)       Source. c)       Service Provider. d)       Proxy.

Which platform services are available in the Cloud Foundry? Note: There are 2 correct answers to this question. a)       Integration. b)       Data Quality. c)       Commerce. d)       Analytics.

Which characteristics apply to the SAP ID Service? Note: There are 2 correct answers to this question. a)       Configurable password policy. b)       Non-configurable MFA for SAP BTP Cockpit. c)       Customizable user interface. d)       User base owned and managed by SAP.

What information constitutes an indirect connection to an individual, in the context of GDPR? Note: There are 3 correct answers to this question. a)       License plate number. b)      Postal Address. c)       IP Address. d)      Date of Birth. e)      National Identifier.

Which SAP tool provides functions to support Data Destruction, Business Rules Maintenance, and Processing of Audit Areas?. a)       SAP Data Controller Rule Framework. b)      SAP Information Lifecycle Management. c)       SAP Business Rule Framework Plus. d)      SAP Information Retrieval Framework.

Which SAP product supports General Data Privacy Regulation (GDPR) compliance through mitigating control testing and validation. a)       SAP Solution Manager. b)      SAP Access Control. c)       SAP Identify Access Governance. d)      SAP Process Control.

Which of the following user types can be used to log on interactively? Note: There are 2 correct answers to this question. a)       Service. b)       System. c)       Dialog. d)       Communication.

Which of the 7 core principles of the General Data Privacy Regulation (GDPR) requires thorough documentation of all policies and controls that govern the collection and processing of data?. a)       Accuracy. b)       Integrity and Confidentiality. c)       Accountability. d)       Lawfulness, Fairness and Transparency.

The security administrator is troubleshooting authorization errors using transaction SU53. While running transaction MM50, the user received the following error. “You are not authorized to use transaction MM01” The user’s position in the organization makes it inappropriate for them to have direct access to transaction MM01 because it creates a Segregation of Duties conflict. How can the security administrator resolve the issue and still provide the user with the needed access to MM50?. a)       Set the check indicator value for object S_TCODE in the SU24 data for transaction MM01 to Do Not Check. b)      Remove transaction MM01 as a CALLING transaction from table TCDCOUPLES. c)       Set the value form instance parameter auth/no_check_in_some_cases to N. d)      Set the check indicator (for the transaction authorization called by the MM01 transaction) to NO, using transaction SE97 for transaction MM50.

Which tools can you use to troubleshoot an authorization issue with a Fiori application? Note: There are 2 correct answers to this question. a)       /IWBEP/ERROR_LOG. b)      /UI2/GW_APPS_LOG. c)       /IWFND/ERROR_LOG. d)      /UI2/FLC.

Which OData authorizations are required for a user to see business data in the SAP Fiori Launchpad? Note: There are 2 correct answers to this question. a)       Start authorization in the SAP S/4HANA back-end system. b)      Start authorization in the SAP Fiori front-end system. c)       Access authorization in the SAP Fiori front-end system. d)      Access authorization in the SAP S/4HANA back-end system.

You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub) What transactions do you have to use to map a back-end system to one of those roles?. a)       SEGW. b)      /IWFND/MAINT_SERVICE. c)       PFCG. d)      /UI2/GW_SYS_ALIAS.

Which authorizations are required for an SAP Fiori Launchpad user? Note: There are 2 correct answers to this question. a)       /UI2/PAGE_BUILDER_PERS. b)      /UI2/PAGE_BUILDER_CUST. c)       /UI2/INTEROP. d)      /UI2/CHIP.

How is the role concept applied for modeled authorizations based on Core Data Services (CDS) views?. a)       CDS roles are defined for the CDS views and implicitly applied to each user. b)      CDS roles are defined in the WHERE clause when calling a CDS view in Open SQL. c)       CDS roles are mapped to the CDS view in the access rules. d)      CDS roles are defined for CDS views in Object Navigator.

An end user has indicated that they are getting an authorization error when attempting to call a Transaction Code (TCD). However, the TCD exists in the User Manu. What could be the issue and where would you check?. a)       The TCD is assigned to the user via multiples roles; check in PFCG. b)      Additional authorization checks are required for the TC; check in SE93. c)       This user is blocked from calling the TCD; check in SM01. d)      An entry in table USRBF prevents them from calling the TCD; check SE16.

The security administrator is troubleshooting authorization errors using transaction SU53. While running transaction MM50, the user received the following error: “You are not authorized to use transaction MM01” The users position in the organization makes it inappropriate for them to have direct access to transaction MM01 because it creates a Segregation of Duties conflict. What would cause the system to run an authority check using object S_TCODE for transaction MM01 while running transaction MM50?. a)       MM01 was maintained as the CALLING transaction in table TCDCOUPLES with field OKFLAG value X. b)      The proposal value for the object S_TCODE in the SU24 data for transaction MM50 was incorrectly set to YES. c)       The developer who wrote the program for transaction MM50 issues the ABAL command CALL TRANSACTION for transaction MM01. d)      The instance parameter auth/no_check_in_some_cases has been set to Y.

Which communication methods does the SAP Fiori Launchpad use to retrieve business data? Note: There are 2 correct answers to this question. a)       SNC. b)       InA. c)       IIOP. d)       OData.

What must be included in a PFCG role for an end user on the Fiori front-end server to run an app?. a)       The catalog assignment for the start authorization. b)       The group assignment to display it in the Fiori Launchpad. c)       The S_START authorization object for starting the OData service. d)       The S_RFC authorization object for the OData access.
Denunciar Test